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In the Claims: 

1 . (Currently Amended) A method for secure distribution of digital content 
to an untrusted environment of an intended recipient of said digital content, comprising 
the steps of: 

constructing a r e lativ e ly t rusted environment within said untrusted 

environment; 

constructing at least two digital inputs, said digital inputs are -being 
operable in combination in order to reproduce produce a rendered version of said digital 
content; 

transferring digital media to said relativ e ly trusted environment such that 
each of said inputs is transmitted via a different path, and; 

combining said inputs within said trusted environment in order to 
reproduc e produce said rendered output version of digital content * said trusted 
environment otherwise preventing access to said digital inputs . 

2. (Original) A method according to claim 1 wherein said digital content is a 
document. 

3. (Currently Amended) A method according to claim 21 wherein said digital 
content is multimedia digital content. 

4. (Original) A method according to claim 3 wherein said multimedia digital 
content is an audio digital content. 

5. (Original) A method according to claim 3 wherein said multimedia digital 
content is a video digital content. 

6. (Original) A method according to claim 3 wherein said multimedia digital 
content consists of at least two different streams. 
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7. (Original) A method according to claim 6 wherein at least one of said 
different streams consists of video digital content. 

8. (Original) A method according to claim 6 wherein at least one of said 
different streams consists of audio digital content. 

9. (Original) A method according to claim 6 wherein at least one of said 
different streams consists of textual digital content. 

10. (Original) A method according to claim 1 wherein said untrusted 
environment comprise a consumer's computer. 

11. (Currently Amended) A method according to claim 1 wherein said 
relativ e ly trusted environment comprise a software component. 

12. (Original) A method according to claim 11 wherein said software 
component is updateable. 

13. (Original) A method according to claim 11 wherein said software 
component comprise at least one tamper resistant software component. 

14. (Original) A method according to claim 13 wherein at least one of said 
software components is updateable. 

15. (Currently Amended) A method according to claim 1 wherein said 
r e latively trusted environment comprise a hardware component. 

16. (Original) A method according to claim 15 wherein said hardware 
component comprise at least one tamper resistant hardware component. 
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17. (Currently Amended) A method according to claim 1 wherein said 
relativ e ly trusted environment comprise a firmware component. 

18. (Original) A method according to claim 17 wherein said firmware 
component is updateable. 

19. (Original) A method according to claim 17 wherein said firmware 
component comprise at least one tamper resistant firmware component. 

20. (Original) A method according to claim 19 wherein at least one of said 
tamper resistant firmware components is updateable. 

21. (Currently Amended) A method according to claim 1 wherein said 
relativ e ly trusted environment comprise at least two components. 

22. (Original) A method according to claim 21 wherein at least one of said 
components comprises a software component. 

23. (Original) A method according to claim 22 wherein said software 
component is updateable. 

24. (Original) A method according to claim 22 wherein said software 
component comprise at least one tamper resistant software component. 

25. (Original) A method according to claim 24 wherein at least one of said 
software components is updateable. 

26. (Original) A method according to claim 21 wherein at least one of said 
components comprises a hardware component. 
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27. (Original) A method according to claim 26 wherein said hardware 
component comprise at least one tamper resistant hardware component. 

28. (Original) A method according to claim 21 wherein at least one of said 
components comprises a firmware component. 

29. (Original) A method according to claim 28 wherein said software 
firmware is updateable. 

30. (Original) A method according to claim 28 wherein said firmware 
component comprise at least one tamper resistant firmware component. 

31. (Original) A method according to claim 30 wherein at least one of said 
firmware components is updateable. 

32. (Original) A method according to claim 1 wherein at least one of said 
inputs comprise of a key. 

33. (Original) A method according to claim 32 wherein said key is a 
cryptographic key. 

34. (Original) A method according to claim 32 wherein said key is a 
scrambling key. 

35. (Original) A method according to claim 1 wherein at least one of said 
inputs comprise of a scrambled copy of said digital content, and at least one other input 
comprise of the information needed for said reproduction. 

36. (Original) A method according to claim 1 wherein a group of at least two 
of said inputs comprise of a function of a scrambled copy of said digital content, and at 



least one other input comprise of the information needed for reconstruction. 

37. (Original) A method according to claim 1 wherein said reproduction 
results in an output which is identical to said digital content. 

38. (Currently Amended) A method according to claim 1 wherein said 
reproduction results in an output which is suffici e ntly similar to said digital content. 

39. (Original) A method according to claim 1 wherein a group of at least two 
of said inputs comprises of a function of said digital content. 

40. (Original) A method according to claim 39 wherein said function 
comprises of splitting said digital content to said inputs. 

41. (Original) A method according to claim 1 wherein said method comprise 
of using at least one updateable component. 

42. (Original) A method according to claim 41 wherein said updateable 
component is associated with a revision level identifier. 

43. (Original) A method according to claim 42 wherein said revision level 
identifier is a version number. 

44. (Original) A method according to claim 42 wherein said revision level 
identifier is revision date. 

45. (Original) A method according to claim 42 wherein at least one aspect of 
operation of the underlying system depends on said revision level. 
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46. (Original) A method according to claim 45 wherein at least some 
functionality of the underlying system is limited if said revision level does not belong to a 
specific set of revision levels. 

47. (Original) A method according to claim 46 wherein said limited 
functionality comprise of the ability to receive a set of digital content. 

48. (Original) A method according to claim 46 wherein said limited 
functionality comprise of the ability to receive a set of digital content in a specific format. 

49. (Original) A method according to claim 46 wherein said limited 
functionality comprise of the ability to receive a set of digital content in a specific 
method. 

50. (Original) A method according to claim 42 wherein said revision level is 
communicated to at least one other component of the underlying system by said 
updateable component. 

5 1 . (Original) A method according to claim 50 wherein said communication is 
initiated by said updateable component. 

52. (Original) A method according to claim 50 wherein said communication is 
part of another communication that is part of the normal workflow of the underlying 
system. 

53. (Original) A method according to claim 50 wherein said communication is 
initiated by said other component of the underlying system. 



ii 
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54. (Original) A method according to claim 41 wherein a component within 
said untrusted environment queries another component in the underlying system for 
revisioned version of said updateable component. 

55. (Original) A method according to claim 41 wherein transfer of said 
updateable component is performed automatically without intervention. 

56. (Original) A method according to claim 41 wherein transfer of said 
updateable component is initiated by approval. 

57. (Original) A method according to claim 41 wherein installation of said 
updateable component is performed automatically without intervention. 

58. (Original) A method according to claim 41 wherein installation of said 
updateable component is initiated by approval. 

59. (Currently Amended) A method according to claim 1 wherein said digital 
content is split into said separate inputs in a r e lativ e ly trusted server, said server is 
operable to deliver said digital content to said relatively trusted environment in the form 
of said separate inputs. 

60. (Currently Amended) A method according to claim 59 wherein said 
digital content arrives in the form of second separate inputs different from said first 
separate inputs to said relatively trusted server, said relatively trusted server is operable to 
rearrange said digital content to the form of said first separate inputs. 

61. (Currently Amended) A method according to claim 1 wherein said digital 
content arrives in the form of said separate inputs to a server, said server is operable to 
deliver said digital content to said r e lativ e ly t rusted environment in the form of said 
separate inputs. 
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62. (Original) A method according to claim 1 for secure distribution of digital 
content comprising the steps of: 

gathering input from at least one source; 

producing trustworthiness credentials about said digital content's intended 
recipient environment based on said input; 

evaluate said intended recipient environment's trustworthiness credentials; 

determine a distribution policy according to said trustworthiness 
credentials evaluation, and; 

performing decisions about said distribution according to said policy. 

63. (Original) A method according to claim 62 wherein said digital content is 
a document. 

64. (Original) A method according to claim 62 wherein said digital content is 
multimedia digital content. 

65. (Original) A method according to claim 64 wherein said multimedia 
digital content is an audio digital content. 

66. (Original) A method according to claim 64 wherein said multimedia 
digital content is a video digital content. 

67. (Original) A method according to claim 64 wherein said multimedia 
digital content consists of at least two different streams. 

68. (Original) A method according to claim 62 wherein said credentials 
comprise geo-location information. 

69. (Original) A method according to claim 62 wherein said credentials 
comprise geo-location authentication level information. 



11 



70. (Original) A method according to claim 62 wherein said credentials 
comprise authentication level information. 

71. (Original) A method according to claim 62 wherein said credentials 
comprise information gathered in the past. 

72. (Original) A method according to claim 71 wherein said credentials 
further comprise information gathered from analysis of said information gathered in the 
past. 

73. (Original) A method according to claim 71 wherein said information 
gathered in the past comprise of usage information. 

74. (Original) A method according to claim 62 wherein said credentials 
comprise of information about the environment into which said digital content is to be 
distributed. 

75. (Original) A method according to claim 74 wherein said information about 
the environment into which said digital content is to be distributed comprise of 
information about the software environment into which said digital content is distributed. 

76. (Original) A method according to claim 74 wherein said information about 
the environment into which said digital content is to be distributed comprise of 
information about the hardware environment into which said digital content is distributed. 

77. (Original) A method according to claim 76 wherein said information about 
the hardware environment into which said digital content is to be distributed comprise 
information about the video output hardware in that environment. 
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78. (Original) A method according to claim 76 wherein said information about 
the hardware environment into which said digital content is to be distributed comprise 
information about the sound output hardware in that environment. 

79. (Original) A method according to claim 74 wherein said information about 
the environment into which said digital content is to be distributed comprise of 
information about the firmware environment into which said digital content is to be 
distributed. 

80. (Currently Amended) A method according to claim 62 wherein said 
credentials comprise of reports from at least one r e lativ e ly t rusted component. 

81. Original) A method according to claim 80 wherein at least one of said 
components reside in the consumer's computer. 

82. (Original) A method according to claim 80 wherein at least one of said 
components is connected to the consumer's computer. 

83. (Original) A method according to claim 80 wherein at least one of said 
components is a software component. 

84. (Original) A method according to claim 80 wherein at least one of said 
components is a firmware component. 

85. (Original) A method according to claim 80 wherein at least one of said 
components is a tamper resistant component. 

86. (Original) A method according to claim 80 wherein at least one of said 
components is a hardware component. 
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87. (Original) A method according to claim 83 wherein at least one of said 
software components is updateable. 

88. (Original) A method according to claim 84 wherein at least one of said 
firmware components is updateable. 

89. (Original) A method according to claim 62 wherein said method comprise 
of using at least one updateable component. 

90. (Original) A method according to claim 89 wherein said updateable 
component is associated with a revision level identifier. 

91. (Original) A method according to claim 90 wherein said revision level 
identifier is a version number. 

92. (Original) A method according to claim 90 wherein said revision level 
identifier is revision date. 

93. (Original) A method according to claim 90 wherein at least one aspect of 
operation of the underlying system depends on said revision level. 

94. (Original) A method according to claim 93 wherein at least some 
functionality of the underlying system is limited if said revision level does not belong to a 
specific set of revision levels. 

95. (Original) A method according to claim 94 wherein said limited 
functionality comprise of the ability to receive a set of digital content. 

96. (Original) A method according to claim 94 wherein said limited 
functionality comprise of the ability to receive a set of digital content in a specific format. 
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97. (Original) A method according to claim 94 wherein said limited 
functionality comprise of the ability to receive a set of digital content in a specific 
method. 

98. (Original) A method according to claim 90 wherein said revision level is 
communicated to at least one other component of the underlying system by said 
updateable component. 

99. (Original) A method according to claim 98 wherein said communication is 
initiated by said updateable component. 

100. (Original) A method according to claim 98 wherein said communication is 
part of another communication that is part of the normal workflow of the underlying 
system. 

101 . (Original) A method according to claim 98 wherein said communication is 
initiated by said other component of the underlying system. 

102. (Original) A method according to claim 89 wherein a component within 
said untrusted environment queries another component in the underlying system for 
revisioned version of said updateable component. 

103. (Original) A method according to claim 89 wherein transfer of said 
updateable component is performed automatically without intervention. 

104. (Original) A method according to claim 89 wherein transfer of said 
updateable component is initiated by approval. 

105. (Original) A method according to claim 89 wherein installation of said 
updateable component is performed automatically without intervention. 



15 

106. (Original) A method according to claim 89 wherein installation of said 
updateable component is initiated by approval. 

107. (Original) A method according to claim 89 wherein said credentials 
comprise of said revision level. 

108. (Currently Amended) A method for secure distribution of digital content 
comprising the steps of: 

transferring said digital media -content to an untrusted environment; 
using a relatively trusted environment within said untrusted environment^ said 
trusted environment being operable to r e c e iv e p roduce a rendered version of said digital 
content and further being comprised said r e latively trust e d e nvironment comprises of 
mechanisms to restrict tampering thereof with said relatively trusted environment. 

109. (Currently Amended) A method according to claim 108 wherein said 
relativ e ly trusted environment comprise at least two components. 

110. (Original) A method according to claim 109 wherein said components 
comprise at least one hardware component. 

111. (Original) A method according to claim 109 wherein said components 
comprise at least one software component. 

112. (Original) A method according to claim 109 wherein said components 
comprise at least one firmware component. 

113. (Currently Amended) A method according to claim 108 wherein said 
r e latively t rusted environment is a hardware component. 
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114. (Currently Amended) A method according to claim 108 wherein said 
relativ e ly t rusted environment is a firmware component. 

115. (Currently Amended) A method according to claim 108 wherein said 
relatively t rusted environment is a software component. 

116. (Currently Amended) A method according to claim 109 wherein said 
components comprise a watchdog component wherein said watchdog component is 
capable of monitoring other components of the r e lativ e ly t rusted environment. 

117. (Original) A method according to claim 116 wherein said monitoring 
comprise of authentication. 

118. (Original) A method according to claim 117 wherein said authentication 
comprise authentication of a certificate. 

119. (Original) A method according to claim 118 wherein said certificate is a 
cryptographic certificate. 

120. (Original) A method according to claim 117 wherein said authentication 
comprise authentication of the code of the component. 

121. (Original) A method according to claim 1 20 wherein said authentication of 
the code of the component comprises calculating a derivative of said code. 

122. (Original) A method according to claim 120 wherein said authentication of 
the code of the component comprises analysis of the potential operation of said code. 

123. (Original) A method according to claim 117 wherein said authentication 
comprise of a challenge-response method which comprise of a step in which said 
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watchdog component queries the authenticated component issuing a input and further 
comprises of a later step in which the authenticated component issue an output to the 
watchdog said output dependent on said input and said authentication is based on the 
correctness of said output depending on said input. 

124. (Original) A method according to claim 116 wherein said monitoring 
comprises monitoring of the operation of said components. 

125. (Original) A method according to claim 124 wherein said monitoring of 
the operation of said components comprises monitoring of used interfaces. 

126. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprises monitoring of used operating system calls. 

127. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of file operations. 

128. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of memory operations. 

129. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of communication operations. 

130. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of driver operations. 

131. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of input operations. 
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132. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of output operations. 

133. (Original) A method according to claim 125 wherein said monitoring of 
used interfaces comprise monitoring of interfaces used by interfaced entities. 

134. (Currently Amended) A method according to claim 108 wherein said 
relativ e ly t rusted environment comprise at least one updateable component. 

135. (Original) A method according to claim 134 wherein said updateable 
component is associated with a revision level identifier. 

136. (Original) A method according to claim 135 wherein said revision level 
identifier is a version number. 

137. (Original) A method according to claim 135 wherein said revision level 
identifier is revision date. 

138. (Original) A method according to claim 135 wherein at least one aspect of 
operation of the underlying system depends on said revision level. 

139. (Original) A method according to claim 138 wherein at least some 
functionality of the underlying system is limited if said revision level does not belong to a 
specific set of revision levels. 

140. (Original) A method according to claim 139 wherein said limited 
functionality comprise of the ability to receive a set of digital content. 

141. (Original) A method according to claim 139 wherein said limited 
functionality comprise of the ability to receive a set of digital content in a specific format. 
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142. (Original) A method according to claim 139 wherein said limited 
functionality comprise of the ability to receive a set of digital content in a specific 
method. 

143. (Original) A method according to claim 135 wherein said revision level is 
communicated to at least one other component of the underlying system by said 
updateable component. 

144. (Original) A method according to claim 143 wherein said communication 
is initiated by said updateable component. 

145. (Original) A method according to claim 143 wherein said communication 
is part of another communication that is part of the normal workflow of the underlying 
system. 

146. (Original) A method according to claim 143 wherein said communication 
is initiated by said other component of the underlying system. 

147. (Original) A method according to claim 134 wherein a component within 
said untrusted environment queries another component in the underlying system for 
revisioned version of said updateable component. 

148. (Original) A method according to claim 134 wherein transfer of said 
updateable component is performed automatically without intervention. 

149. (Original) A method according to claim 134 wherein transfer of said 
updateable component is initiated by approval. 

150. (Original) A method according to claim 134 wherein installation of said 
updateable component is performed automatically without intervention. 
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151. (Original) A method according to claim 134 wherein installation of said 
updateable component is initiated by approval. 

152. (Currently Amended) A method according to claim 109 wherein at least 
one of said components comprise a plurality of interfaces and e f-functionality to monitor 
at least one of its -said interfaces. 

153. (Original) A method according to claim 152 wherein said monitoring 
comprise of authentication. 

154. (Original) A method according to claim 153 wherein said authentication 
comprise authentication of a certificate. 

155. (Original) A method according to claim 154 wherein said certificate is a 
cryptographic certificate. 

156. (Original) A method according to claim 153 wherein said authentication 
comprise of a challenge-response method which comprise of a step in which said 
component queries the interfaced entity issuing a input and further comprises of a later 
step in which the interfaced entity issue an output to said component said output 
dependent on said input and said authentication is based on the correctness of said output 
depending on said input. 

157. (Currently Amended) A method according to claim 408 -152, wherein said 
method comprises ^functionality to monitor at least one of the -said interfaces used by 
the underlying system. 

158. (Original) A method according to claim 157 wherein said monitoring 
comprise of authentication. 
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159. (Original) A method according to claim 158 wherein said authentication 
comprise authentication of a certificate. 

160. (Original) A method according to claim 159 wherein said certificate is a 
cryptographic certificate. 

161. (Original) A method according to claim 158 wherein said authentication 
comprise of a challenge-response method which comprise of a step in which the 
interfaced entity is queried by issuing a input and further comprises of a later step in 
which the interfaced entity issue back an output said output dependent on said input and 
said authentication is based on the correctness of said output depending on said input. 

162. (Currently Amended) A method according to claim 108 wherein said 
digital content arrives into said relatively t rusted environment in a cryptographically 
encrypted format. 

163. (Original) A method according to claim 116 wherein information gathered 
from monitoring by at least one component is transferred to said watchdog component by 
said component. 

164. (Original) A method according to claim 163 wherein information gathered 
by said watchdog component is transferred as credentials information to a credentials 
based decision making mechanism. 

165. (Original) A method according to claim 116 wherein information gathered 
by said watchdog component is transferred as credentials information to a credentials 
based decision making mechanism. 
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166. (Currently Amended) A method according to claim 108 wherein said 
relatively trusted environment comprise mechanism to restrict coping copying of at least 
one of the outputs said relativ e ly t rusted environment generates. 

167. (Original) A method according to claim 166 wherein said output is part of 
an internal interface. 

168. (Original) A method according to claim 166 wherein said output is an 
external output. 

169. (Original) A method according to claim 168 wherein said external output 
is sound output. 

170. (Original) A method according to claim 168 wherein said external output 
is video output. 

171. (Original) A method according to claim 168 wherein said external output 
is analog output. 

172. (Original) A method according to claim 171 wherein said analog output is 
analog sound output. 

173. (Original) A method according to claim 171 wherein said analog output is 
analog video output. 

174. (Currently Amended) A method according to claim 166 wherein said 
mechanism to restrict coping copying is compris e comprised of altering the output in 
order to change a quality of the copy which is produced by said copying. 
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175. (Original) A method according to claim 174 wherein said quality of said 
copy is the observable quality of the copy. 

176. (Currently Amended) A method according to claim 174 wherein said 
change of said quality is to adversely e£feet -affect said quality. 

177. (Original) A method according to claim 174 wherein said copying is 
digital copying. 

178. (Original) A method according to claim 174 wherein said copying is non- 
digital copying. 

179. (Original) A method according to claim 174 wherein said copying is 
digital copying which involves a non-digital transition. 



